[497] in Zephyr_Comments
Re: Is there any way to get a list of everyone who is on using kerberos?
eichin@ATHENA.MIT.EDU (eichin@ATHENA.MIT.EDU)
Mon Apr 8 17:38:09 1991
On what axis does it need to scale? You've probably got a limited
budget, so the number of machines is *not* growing very quickly,
especially when compared to the number of users (here at Athena, the
number of users is either 3-4 or 10 times the number of machines,
depending on how you count users.)
To continue in the privacy vein, do you want to know "who all"
is logged in, or do you want to know who is voluntarily admitting that
they're logged in? and for that matter, what are you going to do with
this information? (as shipped, zwgc recognizes two different levels
of privacy at the bottom - "opstaff" which means that an operator with
access to the Zephyr server could figure out where you are, and "none"
- that is, the zephyr server itself doesn't know (you don't get
zephyrgrams either.) This admits up front that the zephyr server has
the data to produce the list you're referring too; however, there
isn't any support for extracting it in any way other than using
'gcore' to extract the server memory, and a debugger to read that and
find the tables.) And do *they* want *you* to know that they're logged in?
You could provide such a service seperate from the Zephyr
server - just put an ACL entry permitting some kerberos principal
(presumably in a srvtab file on a server somewhere) to subscribe to
LOGIN,*,* and then have it sit there and listen for all such messages,
and maintain the login state (you could even have it maintain a file
that GNU Finger would read.) [I shouldn't say this, but you could even
prototype this entirely in perl - I've got a good portion of the
Zephyr and Kerberos libraries implemented already :-)]
